CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2678

2678 vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-5338	Ruijie RG-UAC online.php os command injection — RG-UAC	4.7	Medium	2024-05-25
CVE-2024-5337	Ruijie RG-UAC user_commit.php os command injection — RG-UAC	4.7	Medium	2024-05-25
CVE-2024-5336	Ruijie RG-UAC vlan_add_commit.php addVlan os command injection — RG-UAC	4.7	Medium	2024-05-25
CVE-2024-5227	TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability — Omada ER605	8.8^AI	High^AI	2024-05-23
CVE-2024-5297	D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability — D-View	8.8^AI	High^AI	2024-05-23
CVE-2024-5295	D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability — G416	8.8^AI	High^AI	2024-05-23
CVE-2024-5291	D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability — DIR-2150	8.8^AI	High^AI	2024-05-23
CVE-2024-5241	Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection — Private Cloud CDN Live Streaming Acceleration Server	4.7	Medium	2024-05-23
CVE-2023-3939	Multiple command injection in ZkTeco-based OEM devices — ZkTeco-based OEM devices with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0	10.0	Critical	2024-05-21
CVE-2024-0401	ASUS OVPN RCE — ExpertWiFi	7.2	High	2024-05-20
CVE-2024-20326	Cisco Crosswork Network Services Orchestrator 安全漏洞 — Cisco ConfD	7.8	High	2024-05-16
CVE-2024-30314	Dreamweaver Desktop \| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) — Dreamweaver Desktop	7.8	High	2024-05-16
CVE-2024-3126	Command Injection in parisneo/lollms-webui — parisneo/lollms-webui	9.8^AI	Critical^AI	2024-05-16
CVE-2024-4965	D-Link DAR-7000-40 resmanage.php os command injection — DAR-7000-40	6.3	Medium	2024-05-16
CVE-2023-6321	Owlet Camera OS command injection — Cam v2	7.2	High	2024-05-15
CVE-2024-1628	OS command injection vulnerabilities in GE HealthCare ultrasound devices — Venue	8.4	High	2024-05-14
CVE-2024-4816	Ruijie RG-UAC gre_add_commit.php os command injection — RG-UAC	6.3	Medium	2024-05-13
CVE-2024-4815	Ruijie RG-UAC detail.php os command injection — RG-UAC	6.3	Medium	2024-05-13
CVE-2024-4814	Ruijie RG-UAC static_route_edit_commit.php os command injection — RG-UAC	6.3	Medium	2024-05-13
CVE-2024-4813	Ruijie RG-UAC interface_commit.php os command injection — RG-UAC	6.3	Medium	2024-05-13
CVE-2023-47709	IBM Security Guardium command injection — Security Guardium	9.1	Critical	2024-05-11
CVE-2024-2662	Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Admin+) Command Injection — Unlimited Elements For Elementor	7.2	High	2024-05-10
CVE-2022-43654	NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability — CAX30S	8.8^AI	High^AI	2024-05-07
CVE-2024-4582	Faraday GM8181/GM828x NTP Service os command injection — GM8181	7.3	High	2024-05-07
CVE-2024-4510	Ruijie RG-UAC arp_add_commit.php os command injection — RG-UAC	4.7	Medium	2024-05-06
CVE-2024-4509	Ruijie RG-UAC add_commit.php os command injection — RG-UAC	4.7	Medium	2024-05-06
CVE-2024-4508	Ruijie RG-UAC static_route_edit_ipv6.php os command injection — RG-UAC	4.7	Medium	2024-05-06
CVE-2024-33112	D-Link DIR-845 安全漏洞 — n/a	9.8^AI	Critical^AI	2024-05-06
CVE-2024-4507	Ruijie RG-UAC static_route_add_ipv6.php os command injection — RG-UAC	4.7	Medium	2024-05-05
CVE-2024-4506	Ruijie RG-UAC ip_addr_edit_commit.php os command injection — RG-UAC	4.7	Medium	2024-05-05

Vulnerabilities classified as CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) represent 2678 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-78 (OS命令中使用的特殊元素转义处理不恰当(OS命令注入)) — Vulnerability Class 2678